overide security behavior in j2me and avoid re-authentiaction in webservice
posted 7 years ago
How to avoid re-authentiaction in case of invoking web service from j2me mobile client? do i need to use SSO sever to get authentiaction token like SAML token?
and which SSO server fit in this case?
i need SSO Server that does not need changing code, just need configuration
i look at JBoss Federated SSO but it need to work with JBoss Application Server
or use an authentication token of some kind that, if the client is already authenticated, is enclosed with each subsequent request.
If you are using SOAP, the token can be placed in a SOAP header block
How to overide security behavior in j2me mobile application to accept self signed certitficate? i have mobile appliaction that is a client to secured web service, it connect to that web service using SSL, so security manager of j2me check for this certificate if it is well known certificate (signed by trusted CA) or not
i try to add theses certificates to trust store and success connect to that secured web service, but if my clients wants to dowload the mobile application , the client trust store does not be effected since it does not belong to the application, it is an external entity
and if there is a way to ovride security manager in j2me application , like keyStoreManager and TrustStoreManager in desktop appliaction, what is packge name and hoe to do it
and is all mobile appliaction can access SSL connection or i need to use third party libarary?